diff --git a/inventory/group_vars/9iron.club.yml b/inventory/group_vars/9iron.club.yml
index 77b9476..e14809d 100644
--- a/inventory/group_vars/9iron.club.yml
+++ b/inventory/group_vars/9iron.club.yml
@@ -52,26 +52,28 @@ psql:
## WEBAPPS
# Gitea
-gitea_mysql_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 62353264353465316661353738666161313036373761666163663733656461316536636334386335
- 6161386630663739363439383237343065333239613134610a383036373735326536386464343164
- 31346337636665356630336234306534646362386663633734353166373761316139313734306630
- 3364306566323666310a323034303434613237643665643637633430353437316339356463646331
- 33353062343164396465326365653561626363343961326363633231303736316436643935646161
- 3933353234613430373930663832643934613233383635613433
-gitea_app_name: "9iron Gitea"
-gitea_disable_registration: "false"
-gitea_url: "git.9iron.club"
-gitea_admin_username: "salt"
-gitea_admin_email: "rehashedsalt@cock.li"
-gitea_admin_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 35613039646236306236363930353231303331633765303039373736626666666530323433356466
- 3062633166313332643039613561303431613735396339650a376664373137643439303465376365
- 35313266376539366134343562626164616666306338343538663361393964626565303331383234
- 3565646664333966650a323530356664366262653763363439613534303764366436376634373639
- 62303264653836656162366362316461656363353539343632616462626231643632
+gitea:
+ mysql_password: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 62353264353465316661353738666161313036373761666163663733656461316536636334386335
+ 6161386630663739363439383237343065333239613134610a383036373735326536386464343164
+ 31346337636665356630336234306534646362386663633734353166373761316139313734306630
+ 3364306566323666310a323034303434613237643665643637633430353437316339356463646331
+ 33353062343164396465326365653561626363343961326363633231303736316436643935646161
+ 3933353234613430373930663832643934613233383635613433
+ app_name: "9iron Gitea"
+ disable_registration: "false"
+ url: "git.9iron.club"
+ admin:
+ user: "salt"
+ email: "rehashedsalt@cock.li"
+ pass: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 35613039646236306236363930353231303331633765303039373736626666666530323433356466
+ 3062633166313332643039613561303431613735396339650a376664373137643439303465376365
+ 35313266376539366134343562626164616666306338343538663361393964626565303331383234
+ 3565646664333966650a323530356664366262653763363439613534303764366436376634373639
+ 62303264653836656162366362316461656363353539343632616462626231643632
# Grafana
grafana_mysql_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml
index c3f8de4..ccb850e 100644
--- a/roles/gitea/defaults/main.yml
+++ b/roles/gitea/defaults/main.yml
@@ -1,7 +1,7 @@
# vim:ft=ansible:
gitea_root_directory: "/home/git/gitea-repositories"
-gitea_app_name: "Ansible Gitea"
+gitea.app_name: "Ansible Gitea"
gitea_push_create_user: "true"
gitea_push_create_org: "false"
-gitea_disable_registration: "true"
+gitea.disable_registration: "true"
gitea_webroot: "/var/www/gitea"
diff --git a/roles/gitea/tasks/add_default_user.yml b/roles/gitea/tasks/add_default_user.yml
index a679d39..c20f571 100644
--- a/roles/gitea/tasks/add_default_user.yml
+++ b/roles/gitea/tasks/add_default_user.yml
@@ -10,11 +10,11 @@
- admin
- create-user
- --username
- - "{{ gitea_admin_username }}"
+ - "{{ gitea.admin.user }}"
- --password
- - "{{ gitea_admin_password }}"
+ - "{{ gitea.admin.pass }}"
- --email
- - "{{ gitea_admin_email }}"
+ - "{{ gitea.admin.email }}"
- --config
- /etc/gitea/app.ini
- name: Promote user to admin
@@ -25,8 +25,8 @@
- -u
- gitea
- -p
- - "{{ gitea_mysql_password }}"
+ - "{{ gitea.mysql_password }}"
- -e
- - 'UPDATE user SET is_admin = 1 WHERE name = "{{ gitea_admin_username }}";'
+ - 'UPDATE user SET is_admin = 1 WHERE name = "{{ gitea.admin.user }}";'
become: yes
become_user: git
diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml
index ab10022..f8d48e4 100644
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -16,7 +16,7 @@
mysql_user:
name: gitea
host: localhost
- password: "{{ gitea_mysql_password }}"
+ password: "{{ gitea.mysql_password }}"
priv: "gitea.*:ALL,GRANT"
login_user: root
login_password: "{{ mysql.root_password }}"
@@ -33,7 +33,7 @@
- name: Template out vhost
template:
src: "apache2-vhost-ssl.conf"
- dest: "/etc/apache2/sites-available/{{ gitea_url }}.conf"
+ dest: "/etc/apache2/sites-available/{{ gitea.url }}.conf"
notify: restart apache
- name: Create webroot
file:
@@ -41,14 +41,14 @@
path: "{{ gitea_webroot }}"
- name: Enable site
command:
- cmd: "a2ensite {{ gitea_url }}.conf"
- creates: "/etc/apache2/sites-enabled/{{ gitea_url }}.conf"
+ cmd: "a2ensite {{ gitea.url }}.conf"
+ creates: "/etc/apache2/sites-enabled/{{ gitea.url }}.conf"
notify: restart apache
- name: Generate certificate
include_role:
name: https
vars:
- website_url: "{{ gitea_url }}"
+ website_url: "{{ gitea.url }}"
- name: Install git
apt:
name: git
@@ -130,6 +130,6 @@
- name: Template out backup module
template:
src: "backup.sh"
- dest: "/opt/backups/modules/{{ gitea_url }}.sh"
+ dest: "/opt/backups/modules/{{ gitea.url }}.sh"
mode: "0600"
become: yes
diff --git a/roles/gitea/templates/apache2-vhost-ssl.conf b/roles/gitea/templates/apache2-vhost-ssl.conf
index c0f7337..c9fe03d 100644
--- a/roles/gitea/templates/apache2-vhost-ssl.conf
+++ b/roles/gitea/templates/apache2-vhost-ssl.conf
@@ -1,4 +1,4 @@
-# Configuration for {{ gitea_url }}
+# Configuration for {{ gitea.url }}
# vim:ft=apache:
# Accept connections from non-SNI clients
@@ -8,17 +8,17 @@ SSLProxyEngine on
# Website configuration
- ServerName {{ gitea_url }}
- Redirect permanent / https://{{ gitea_url }}
+ ServerName {{ gitea.url }}
+ Redirect permanent / https://{{ gitea.url }}
SSLEngine on
- SSLCertificateFile /etc/pki/cert/crt/{{ gitea_url }}.crt
- SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea_url }}.key
- SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea_url }}-fullchain.crt
+ SSLCertificateFile /etc/pki/cert/crt/{{ gitea.url }}.crt
+ SSLCertificateKeyFile /etc/pki/cert/private/{{ gitea.url }}.key
+ SSLCertificateChainFile /etc/pki/cert/crt/{{ gitea.url }}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
SSLCipherSuite {{ ssl_cipher_suite }}
- ServerName {{ gitea_url }}
+ ServerName {{ gitea.url }}
DocumentRoot {{ gitea_webroot }}
Require all granted
diff --git a/roles/gitea/templates/app.ini b/roles/gitea/templates/app.ini
index c0a24e2..f21c4e6 100644
--- a/roles/gitea/templates/app.ini
+++ b/roles/gitea/templates/app.ini
@@ -1,4 +1,4 @@
-APP_NAME = {{ gitea_app_name }}
+APP_NAME = {{ gitea.app_name }}
RUN_USER = git
RUN_MODE = prod
@@ -7,7 +7,7 @@ DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gitea
USER = gitea
-PASSWD = {{ gitea_mysql_password }}
+PASSWD = {{ gitea.mysql_password }}
SSL_MODE = disable
CHARSET = utf8
PATH = /var/lib/gitea/data/gitea.db
@@ -43,10 +43,10 @@ PASSWORD_COMPLEXITY = off
SECRET_KEY = {{ gitea_secret_key.stdout }}
[server]
-SSH_DOMAIN = {{ gitea_url }}
-DOMAIN = {{ gitea_url }}
+SSH_DOMAIN = {{ gitea.url }}
+DOMAIN = {{ gitea.url }}
HTTP_PORT = 3000
-ROOT_URL = https://{{ gitea_url }}/
+ROOT_URL = https://{{ gitea.url }}/
DISABLE_SSH = false
SSH_PORT = 22
LFS_START_SERVER = true
@@ -57,7 +57,7 @@ OFFLINE_MODE = true
[service]
REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true
-DISABLE_REGISTRATION = {{ gitea_disable_registration }}
+DISABLE_REGISTRATION = {{ gitea.disable_registration }}
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
diff --git a/roles/gitea/templates/backup.sh b/roles/gitea/templates/backup.sh
index 5ea3154..8c054b7 100644
--- a/roles/gitea/templates/backup.sh
+++ b/roles/gitea/templates/backup.sh
@@ -9,7 +9,7 @@
set -e
-export OUTDIR="$BACKUPSDIR/{{ gitea_url }}"
+export OUTDIR="$BACKUPSDIR/{{ gitea.url }}"
retention=7 # 7-day retention period
# Sanity checks